Total
9311 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2009-3052 | 2 Absoluteanime, Phpbb | 2 Prime Quick Style, Phpbb | 2017-09-18 | 6.5 MEDIUM | N/A |
| SQL injection vulnerability in root/includes/prime_quick_style.php in the Prime Quick Style addon before 1.2.3 for phpBB 3 allows remote authenticated users to execute arbitrary SQL commands via the prime_quick_style parameter to ucp.php. | |||||
| CVE-2009-3054 | 2 Artetics, Joomla | 2 Com Artportal, Joomla | 2017-09-18 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Artetics.com Art Portal (com_artportal) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the portalid parameter to index.php. | |||||
| CVE-2009-3062 | 1 Phplivesupport. | 1 Phplive\! | 2017-09-18 | 7.5 HIGH | N/A |
| SQL injection vulnerability in message_box.php in OSI Codes PHP Live! 3.3 allows remote attackers to execute arbitrary SQL commands via the deptid parameter. | |||||
| CVE-2009-3063 | 2 Indianpulses, Joomla | 2 Com Gameserver, Joomla | 2017-09-18 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Game Server (com_gameserver) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a gamepanel action to index.php. | |||||
| CVE-2009-3175 | 1 Boldfx | 1 Model Agency Manager Pro | 2017-09-18 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Model Agency Manager PRO (formerly Modeling Agency Content Management Script) allow remote attackers to execute arbitrary SQL commands via the user_id parameter to (1) view.php, (2) photos.php, and (3) motm.php; and the (4) id parameter to forum_message.php. | |||||
| CVE-2009-3116 | 1 Uiga | 1 Church Portal | 2017-09-18 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Uiga Church Portal allows remote attackers to execute arbitrary SQL commands via the year parameter in a calendar action. | |||||
| CVE-2009-3117 | 1 Snowhall | 1 Silurus System | 2017-09-18 | 7.5 HIGH | N/A |
| SQL injection vulnerability in category.php in Snow Hall Silurus System 1.0 allows remote attackers to execute arbitrary SQL commands via the ID parameter. | |||||
| CVE-2009-3148 | 1 Portalxp | 1 Portalxp | 2017-09-18 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in PortalXP Teacher Edition 1.2 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) calendar.php, (2) news.php, and (3) links.php; and the (4) assignment_id parameter to assignments.php. | |||||
| CVE-2009-3150 | 1 Multi-website | 1 Multi Website | 2017-09-18 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Multi Website 1.5 allows remote attackers to execute arbitrary SQL commands via the Browse parameter in a vote action. | |||||
| CVE-2009-3154 | 2 Almondsoft, Joomla | 2 Com Aclassf, Joomla | 2017-09-18 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Almond Classifieds (com_aclassf) component 7.5 for Joomla! allows remote attackers to execute arbitrary SQL commands via the replid parameter in a manw_repl add_form action to index.php, a different vector than CVE-2009-2567. | |||||
| CVE-2009-3185 | 1 Comsenz | 2 Crazy Star Plugin, Discuz\! | 2017-09-18 | 7.5 HIGH | N/A |
| SQL injection vulnerability in plugin.php in the Crazy Star plugin 2.0 for Discuz! allows remote authenticated users to execute arbitrary SQL commands via the fmid parameter in a view action. | |||||
| CVE-2009-3190 | 1 Pad-site-scripts | 1 Pad Site Scripts | 2017-09-18 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in PAD Site Scripts 3.6 allow remote attackers to execute arbitrary SQL commands via the (1) search parameter to list.php and (2) cat parameter to rss.php. | |||||
| CVE-2009-3193 | 2 Joomla, Uwix | 2 Joomla, Com Digifolio | 2017-09-18 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the DigiFolio (com_digifolio) component 1.52 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a project action to index.php. | |||||
| CVE-2009-3217 | 1 Wiccle | 1 Iwiccle | 2017-09-18 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the admin module in iWiccle 1.01 allows remote attackers to execute arbitrary SQL commands via the member_id parameter in an edit_user action to index.php. | |||||
| CVE-2009-3218 | 1 The-ghost | 1 Ar Web Content Manager | 2017-09-18 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in control/login.php in AR Web Content Manager (AWCM) 2.1, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the username parameter. | |||||
| CVE-2009-3223 | 1 Inoutscripts | 1 Inout Adserver | 2017-09-18 | 6.5 MEDIUM | N/A |
| SQL injection vulnerability in ppc-add-keywords.php in Inout Adserver allows remote authenticated users to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2009-3224 | 2 68classifieds, Classified-software | 2 68 Classifieds, Super Mod System | 2017-09-18 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Super Mod System, when using the 68 Classifieds 3.1 Core System, allows remote attackers to execute arbitrary SQL commands via the s parameter. | |||||
| CVE-2009-3246 | 1 Mybuxscript | 1 Pts-bux | 2017-09-18 | 7.5 HIGH | N/A |
| SQL injection vulnerability in spnews.php in MyBuxScript PTC-BUX allows remote attackers to execute arbitrary SQL commands via the id parameter in an spnews action to the default URI. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2009-3252 | 1 Dave Robinson | 1 Rockbandcms | 2017-09-18 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in news.php in Rock Band CMS 0.10 allow remote attackers to execute arbitrary SQL commands via the (1) year and (2) id parameters. | |||||
| CVE-2009-3308 | 1 Fanupdate | 1 Fanupdate | 2017-09-18 | 7.5 HIGH | N/A |
| SQL injection vulnerability in show-cat.php in FanUpdate 2.2.1 allows remote attackers to execute arbitrary SQL commands via the listingid parameter. | |||||